metasploit | b8d143e811b80961bc4245ce58cc04c81950246b11ff294917d269a239b7b160 | Triage

Sharing

General

Target

msf100k.ps1
Size

251KB
Sample

250328-jlbrxsvpz8
MD5

815bc9a2bda28cce0c598780c6a8b760
SHA1

b69dfbc0bde78569fbb6f80375d37747d75735d9
SHA256

b8d143e811b80961bc4245ce58cc04c81950246b11ff294917d269a239b7b160
SHA512

5d7c308ab8bb6414c485edca1841ca0eb00fea78f569a7c621fefab9aa2b8ff5cbc2088fbd1a368804c550a7f427356486d29fda316b6c34b5980bff150dd485
SSDEEP

48:q+MThimb7RBARAbLPorNfAse3+soGoNeVBXTSbS4:BGTXA0PohfXBGoCJ+z

Score

10^/10

metasploit backdoor execution trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.254.66.59:8888

Targets

- Target
  
  msf100k.ps1
- Size
  
  251KB
- MD5
  
  815bc9a2bda28cce0c598780c6a8b760
- SHA1
  
  b69dfbc0bde78569fbb6f80375d37747d75735d9
- SHA256
  
  b8d143e811b80961bc4245ce58cc04c81950246b11ff294917d269a239b7b160
- SHA512
  
  5d7c308ab8bb6414c485edca1841ca0eb00fea78f569a7c621fefab9aa2b8ff5cbc2088fbd1a368804c550a7f427356486d29fda316b6c34b5980bff150dd485
- SSDEEP
  
  48:q+MThimb7RBARAbLPorNfAse3+soGoNeVBXTSbS4:BGTXA0PohfXBGoCJ+z
Score

10^/10

metasploit backdoor execution trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoorexecutiontrojan

behavioral2

metasploitbackdoorexecutiontrojan